Date: Mon, 17 Jan 2005 19:37:18 -0500 From: Kris Maglione <bsdaemon@comcast.net> To: freebsd-questions <freebsd-questions@freebsd.org> Subject: racoon and WinXP Message-ID: <41EC5A3E.1010401@comcast.net>
next in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigA2026ECD80A02E40413386E2 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit I'm trying to use windows xp on my laptop to test the performance of my wifi adapter vs the freebsd ath driver (which is performing horribly), but I can't get the windows isakmp implementation to negotiate a psk with racoon. tcpdump gives me things like: 19:28:04.011379 0:50:fc:e8:dd:ae 0:f:b5:34:3d:9b ip 286: 192.168.1.1.isakmp > 192.168.1.254.isakmp: isakmp: phase 1 I agg: [|sa] 19:28:04.012103 0:f:b5:34:3d:9b 0:50:fc:e8:dd:ae ip 98: 192.168.1.254.isakmp > 192.168.1.1.isakmp: isakmp: phase 2/others R inf: [|n] 19:28:05.680401 0:f:b5:34:3d:9b 0:50:fc:e8:dd:ae ip 77: 192.168.1.254.1036 > 192.168.0.1.domain: 30+ A? crl.microsoft.com. (35) 19:28:24.029320 0:50:fc:e8:dd:ae 0:f:b5:34:3d:9b ip 286: 192.168.1.1.isakmp > 192.168.1.254.isakmp: isakmp: phase 1 I agg: [|sa] 19:28:24.030058 0:f:b5:34:3d:9b 0:50:fc:e8:dd:ae ip 98: 192.168.1.254.isakmp > 192.168.1.1.isakmp: isakmp: phase 2/others R inf: [|n] 19:28:44.047271 0:50:fc:e8:dd:ae 0:f:b5:34:3d:9b ip 286: 192.168.1.1.isakmp > 192.168.1.254.isakmp: isakmp: phase 1 I agg: [|sa] 19:28:44.047982 0:f:b5:34:3d:9b 0:50:fc:e8:dd:ae ip 98: 192.168.1.254.isakmp > 192.168.1.1.isakmp: isakmp: phase 2/others R inf: [|n] btw, anyone have an idea what's trying to talk to crl.microsoft.com? and racoon -F -v gives me things like: 2005-01-17 19:19:53: INFO: isakmp.c:813:isakmp_ph1begin_i(): begin Aggressive mode. 2005-01-17 19:21:53: ERROR: isakmp.c:1447:isakmp_ph1resend(): phase1 negotiation failed due to time up. b50ba08611fb67ea:0000000000000000 2005-01-17 19:22:14: ERROR: isakmp.c:1786:isakmp_chkph1there(): phase2 negotiation failed due to time up waiting for phase1. ESP 192.168.1.254->192.168.1.1 2005-01-17 19:22:14: INFO: isakmp.c:1791:isakmp_chkph1there(): delete phase 2 handler. 2005-01-17 19:27:04: INFO: isakmp.c:1694:isakmp_post_acquire(): IPsec-SA request for 192.168.1.254 queued due to no phase1 found. 2005-01-17 19:27:04: INFO: isakmp.c:808:isakmp_ph1begin_i(): initiate new phase 1 negotiation: 192.168.1.1[500]<=>192.168.1.254[500] 2005-01-17 19:27:04: INFO: isakmp.c:813:isakmp_ph1begin_i(): begin Aggressive mode. Any ideas? I'll post the config file if you want, but trying to describe the windows settings is more than a bitch. They both have the same key, I'll tell you that much. I set the timeouts in the racoon conf file to 140 secs. Thanks. --------------enigA2026ECD80A02E40413386E2 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB7Fo+mcXjc1XBrAQRAkvDAJsERwskoqOdqpNW4mEhBiqcIxgDhQCfYx+t tXoa4uoBA6Y/ivkla00DLQk= =HGzz -----END PGP SIGNATURE----- --------------enigA2026ECD80A02E40413386E2--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?41EC5A3E.1010401>